Back to All Checks
Low EventBridge Regional

EventBridge custom event buses should have resource policies attached

NIST 800-53PCI DSS v4.0.1PCI DSS v10.3.1HIPAA

Description

This control checks whether custom Amazon EventBridge event buses have a resource-based policy attached. The control fails if a custom event bus doesn't have a resource-based policy. By attaching a resource policy to the event bus, you can limit access to the event bus to specified accounts as well as intentionally grant access to entities in another account.

Remediation

Attach a resource policy to your EventBridge custom event bus.

Steps

  1. Navigate to the Amazon EventBridge console
  2. Go to 'Event buses' in the left navigation
  3. Select your custom event bus
  4. Choose 'Edit'
  5. In the 'Resource policy' section, add a policy defining allowed principals and actions
  6. Save the configuration

Compliance

NIST 800-53PCI DSS v4.0.1PCI DSS v10.3.1HIPAA
Start Your Free Security Check